Bug Detected in Linux Mint Virtual Keyboard by Two Kids

Bug Detected in Linux Mint Virtual Keyboard by Two Kids

The Linux Mint screensaver has been detected with a flaw, it was discovered by two children who were playing on their dad’s computer. The maintainers of the Linux Mint project have labeled this security bug as vulnerable for it could have allowed any threat actor to bypass the OS screensaver and its password, accessing the locked desktops. 

Accessing the desktop in this way is as simple as via the virtual keyboard, the screensaver could be crashed, and the desktop would be unlocked.

"A few weeks ago, my kids wanted to hack my Linux desktop, so they typed and clicked everywhere while I was standing behind them looking at them play," states the user whose kids have discovered the flaw in the screensaver. He further added that his kids crashed the Linux Mint screensaver by pressing random keys on both the physical and the on-screen keyboards and bypassed the lock. Their father initially thought that this was an accidental move, however, the kids managed to do the same, second time as well.

Clement Lefebvre the developer of the Linux Mint also said that this issue was eventually tracked down to libcaribou, the on-screen keyboard (OSK) component that ships with Cinnamon, the desktop interface used by Linux Mint. In this regard, he wrote, “we’ll most likely patch libcaribou here”. 

The team mentioned that the vulnerability is generated when the user presses the "ē" key on the ‘on-screen’ keyboard, which eventually causes the system to crash. However, it is also observed that in most of the cases the bug generated crashes the Cinnamon desktop process if the virtual keyboard is left open for a long time, from the ..

Support the originator by clicking the read the rest link below.